
CGEIT Question #636: Real Exam Question with Answer & Explanation

The correct answer is A: Product compliance criteria. Before procuring IoT devices, establishing product compliance criteria is paramount to ensure devices meet necessary regulatory and security standards. This step precedes vendor engagement to inform procurement requirements.

Submitted by akirajp · Apr 18, 2026 · Governance of Enterprise IT

Question

A healthcare enterprise is procuring Internet of Things (IoT) devices to be used across its facilities. Which of the following is MOST important to establish before vendors are engaged to provide the devices?

Options

  • A. Product compliance criteria
  • B. Patient training
  • C. Physical security audits
  • D. Vendor delivery timelines

Explanation

Before procuring IoT devices, establishing product compliance criteria is paramount to ensure devices meet necessary regulatory and security standards. This step precedes vendor engagement to inform procurement requirements.

Common mistakes.

  • B. Patient training is an operational activity that occurs much later, after devices have been procured, deployed, and are ready for use, and does not precede vendor engagement.
  • C. Physical security audits are important for facilities and existing infrastructure, but establishing device-specific compliance is a prerequisite before engaging vendors for new IoT products.
  • D. Vendor delivery timelines are logistical details that are negotiated after compliance criteria are established and vendors are selected based on their ability to meet those criteria.

Concept tested. IoT device procurement compliance

Reference. https://www.fda.gov/medical-devices/digital-health-center-excellence/cybersecurity

Topics

#Procurement #Compliance #IT Governance #Regulatory Requirements
